File e4116eaa-CVE-2020-25637.patch of Package libvirt.16766
commit e4116eaa44cb366b59f7fe98f4b88d04c04970ad
Author: Ján Tomko <jtomko@redhat.com>
Date: Fri Sep 18 17:54:14 2020 +0200
rpc: require write acl for guest agent in virDomainInterfaceAddresses
CVE-2020-25637
Add a requirement for domain:write if source is set to
VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Index: libvirt-4.0.0/src/libxl/libxl_driver.c
===================================================================
--- libvirt-4.0.0.orig/src/libxl/libxl_driver.c
+++ libvirt-4.0.0/src/libxl/libxl_driver.c
@@ -6288,7 +6288,7 @@ libxlDomainInterfaceAddresses(virDomainP
if (!(vm = libxlDomObjFromDomain(dom)))
goto cleanup;
- if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+ if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
goto cleanup;
if (!virDomainObjIsActive(vm)) {
Index: libvirt-4.0.0/src/qemu/qemu_driver.c
===================================================================
--- libvirt-4.0.0.orig/src/qemu/qemu_driver.c
+++ libvirt-4.0.0/src/qemu/qemu_driver.c
@@ -20354,7 +20354,7 @@ qemuDomainInterfaceAddresses(virDomainPt
if (!(vm = qemuDomObjFromDomain(dom)))
goto cleanup;
- if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+ if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
goto cleanup;
if (!virDomainObjIsActive(vm)) {
Index: libvirt-4.0.0/src/remote/remote_protocol.x
===================================================================
--- libvirt-4.0.0.orig/src/remote/remote_protocol.x
+++ libvirt-4.0.0/src/remote/remote_protocol.x
@@ -5905,6 +5905,7 @@ enum remote_procedure {
/**
* @generate: none
* @acl: domain:read
+ * @acl: domain:write::source:VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT
*/
REMOTE_PROC_DOMAIN_INTERFACE_ADDRESSES = 353,
